New Annual Report from GuidePoint’s Research and Intelligence Team (GRIT) Reveals a 40% YoY increase in Active Threat Groups as Cybercrime Ecosystem Evolves

HERNDON, Va.: #cybersecurity--GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, announced today the release of the GuidePoint Research and Intelligence Team’s (GRIT) annual Ransomware & Cyber Threat Report.

The GRIT 2025 Ransomware & Cyber Threat Report provides exclusive in-depth research, insights and analysis on the evolving ransomware ecosystem, exploring who cybercriminals are targeting (and why), the top tactics threat actors are using and what the future may hold for emerging ransomware groups in 2025.

“The GRIT 2025 Ransomware & Cyber Threat Report reveals the resilience and persistence of the ransomware-as-a-service (RaaS) model, highlighting the difficulty of disrupting it,” said Jason Baker, Lead Threat Analyst at GuidePoint Security. “From major law enforcement disruptions to group shakeups and new behavior patterns, 2024 was at times a chaotic year for threat actors—yet ransomware activity and new groups continue to proliferate. Well-resourced defenders, active vulnerability management, attack surface awareness and actionable intelligence remain critical to mitigating information security risks in 2025.”

Noteworthy findings from this year’s report include:

• A record high of ransomware victims, with 1,600+ ransomware victims in Q4 2024 alone—the largest number recorded in a single quarter since the report’s inception.
• A 40% YoY increase in active threat groups, illustrating a continually-developing threat landscape. GRIT identified 88+ total active threat groups in 2024, including 40 newly observed adversaries.
• An average of 93 ransomware victims were posted per week on the dark web. RansomHub claimed the largest number of victims in 2024, displacing LockBit as the most active ransomware group for the first time since 2021.
• The United States remains a top geographic target for ransomware attacks. In 2024, more than half (52%) of ransomware victims were based in the U.S.
• An average of 110 Common Vulnerabilities and Exposures (CVEs) published per day, underscoring the overwhelming volume and velocity of information which cybersecurity teams are facing. Almost 40,000 CVEs were reported in 2024, a 43% increase from 2023.
• Nearly 44% of vulnerabilities were rated “High” or “Critical” severity. However, threat actors continue to rely on historical vulnerabilities from preceding years.
• The Manufacturing industry was most heavily impacted by ransomware, followed by the Technology and Retail/Wholesale industries. Interestingly, despite several high-profile attacks in 2024, the Healthcare sector dropped out of the top three most affected industries by the end of the year.

“Throughout the year, we also witnessed multiple instances of significant international law enforcement operations that dealt heavy blows to various threat actors and their infrastructures,” Baker added. “While the fight is far from over, the enduring effects of these law enforcement campaigns suggest that we’re developing more effective and sustainable strategies to combat our adversaries—and we anticipate continued progress in 2025.”

The report also explores the impacts of ransomware on critical infrastructure, examines threat actor deception and misinformation efforts in 2024 and examines major ransomware events throughout the year, including the continued fallout from Operation Cronos.

The GRIT 2025 Ransomware & Cyber Threat Report is based on data obtained from publicly available resources, vendor threat research, internal incident response case data and open-source intelligence collected from illicit forums and marketplaces.

For more information:

• Download the GRIT 2025 Ransomware & Cyber Threat Report
• Register for GRIT’s upcoming webinar
• Explore more GRIT reports and other resources

About GuidePoint Security

GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled 40% of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture. Learn more at www.guidepointsecurity.com.

Fonte: Business Wire